Merchants may conduct transactions for items and services with customers. During a transaction between a merchant and a customer, the merchant can use a point-of-sale (POS) device to input information associated with the transaction. It is desirable to have mechanisms that ensure that a customer who is using a portable customer device such as a credit card is really the customer who is associated with the credit card. Fraudulent activity can be very costly to merchants, issuers of portable customer devices, and others. In one conventional customer authentication process, a customer is asked to supply his or her zip code or other personally identifiable information. While such conventional authentication methods are somewhat effective, they are typically static. If someone has stolen a customer's portable customer device and knows the customer's zip code, for example, that person could still conduct fraudulent transactions using the authentic portable customer device.